function respond($payment = null, $orderread = array())
{
if (!empty($_POST)) {
foreach ($_POST as $key => $data) {
$_GET[$key] = $data;
}
}
$seller_email = rawurldecode($_GET['seller_email']);
$order_sn = str_replace($_GET['subject'], '', $_GET['out_trade_no']);
$order_sn = trim($order_sn);
$trade_no = $_GET['trade_no'];
if (!check_money($order_sn, $_GET['total_fee'])) {
return false;
}
ksort($_GET);
reset($_GET);
$sign = '';
foreach ($_GET as $key => $val) {
if ($key != 'sign' && $key != 'sign_type' && $key != 'code') {
$sign .= "{$key}={$val}&";
}
}
$sign = substr($sign, 0, -1) . $payment['alipay_key'];
if ($_GET['trade_status'] == 'WAIT_SELLER_SEND_GOODS') {
return $trade_no;
} elseif ($_GET['trade_status'] == 'TRADE_FINISHED') {
return $trade_no;
} else {
return false;
}
}
/**
* 响应操作
*/
function respond()
{
if (!empty($_POST)) {
foreach ($_POST as $key => $data) {
$_GET[$key] = $data;
}
}
$payment = get_payment($_GET['code']);
$seller_email = rawurldecode($_GET['seller_email']);
$order_sn = str_replace($_GET['subject'], '', $_GET['out_trade_no']);
$order_sn = trim($order_sn);
/* 检查支付的金额是否相符 */
if (!check_money($order_sn, $_GET['total_fee'])) {
return false;
}
/* 检查数字签名是否正确 */
ksort($_GET);
reset($_GET);
$sign = '';
foreach ($_GET as $key => $val) {
if ($key != 'sign' && $key != "n" && $key !== "h" && $key != "at" && $key != 'sign_type' && $key != 'code') {
$sign .= "{$key}={$val}&";
}
}
$sign = substr($sign, 0, -1) . $payment['alipay_key'];
//$sign = substr($sign, 0, -1) . ALIPAY_AUTH;
if (md5($sign) != $_GET['sign']) {
return false;
}
if ($_GET['trade_status'] == 'TRADE_FINISHED') {
// echo $order_sn;
// exit;
/* 改变订单状态 */
return order_paid($order_sn);
// true;
} else {
return false;
}
}
/**
* 响应操作
*/
function respond()
{
$payment = get_payment('upop');
$arr_args = array();
$arr_reserved = array();
if (is_array($_POST)) {
$arr_args = $_POST;
$cupReserved = isset($arr_args['cupReserved']) ? $arr_args['cupReserved'] : '';
parse_str(substr($cupReserved, 1, -1), $arr_reserved);
//去掉前后的{}
} else {
$cupReserved = '';
$pattern = '/cupReserved=(\\{.*?\\})/';
if (preg_match($pattern, $_POST, $match)) {
//先提取cupReserved
$cupReserved = $match[1];
}
//将cupReserved的value清除(因为含有&, parse_str没法正常处理)
$args_r = preg_replace($pattern, 'cupReserved=', $_POST);
parse_str($args_r, $arr_args);
$arr_args['cupReserved'] = $cupReserved;
parse_str(substr($cupReserved, 1, -1), $arr_reserved);
//去掉前后的{}
}
//提取服务器端的签名
if (!isset($arr_args['signature'])) {
return false;
}
//验证签名
$signature = $this->sign($arr_args, $payment['upop_security_key'], 'md5');
if ($signature != $arr_args['signature']) {
return false;
}
$arr_ret = array_merge($arr_args, $arr_reserved);
unset($arr_ret['cupReserved']);
if ($arr_ret['respCode'] != '00') {
return false;
}
if (!strpos($arr_ret['orderNumber'], '-')) {
return false;
}
$order_sn_arr = explode('-', $arr_ret['orderNumber']);
$order_sn = $order_sn_arr['0'];
$pay_id = intval($order_sn_arr['1']);
$payment_amount = intval($arr_ret['settleAmount']);
// 检查商户账号是否一致。
if ($payment['upop_account'] != $arr_ret['merId']) {
return false;
}
// 检查价格是否一致
if (!check_money($pay_id, $payment_amount / 100)) {
return false;
}
// 如果未支付成功。
if ($arr_ret['respCode'] != '00') {
return false;
}
$action_note = $arr_ret['respCode'] . ':' . $arr_ret['respMsg'] . $GLOBALS['_LANG']['upop_txn_id'] . ':' . $arr_ret['qid'];
// 完成订单。
order_paid($pay_id, PS_PAYED, $action_note);
//告诉用户交易完成
return true;
}
/**
* 响应操作
*/
function respond()
{
@ini_set('display_errors', 0);
if (!empty($_POST)) {
foreach ($_POST as $key => $data) {
$_GET[$key] = $data;
}
}
$payment = get_payment($_GET['code']);
/* 检查数字签名是否正确 */
ksort($_GET);
reset($_GET);
$sign = '';
foreach ($_GET as $key => $val) {
if ($key != 'sign' && $key != 'sign_type' && $key != 'code') {
$sign .= "{$key}={$val}&";
}
}
$sign = substr($sign, 0, -1) . $payment['alipay_key'];
if (md5($sign) != $_GET['sign']) {
return false;
}
$seller_email = rawurldecode($_GET['seller_email']);
$order_sn = str_replace($_GET['subject'], '', $_GET['out_trade_no']);
$order_sn = trim($order_sn);
/* 检查支付的金额是否相符 */
if (!check_money($order_sn, $_GET['total_fee'])) {
return false;
}
if ($_GET['result'] == 'success') {
$order_sn = strlen($order_sn) > 13 ? substr($order_sn, 13) : $order_sn;
//by Leah
/* 改变订单状态 */
order_paid($order_sn, 2);
return true;
} else {
return false;
}
}
/**
* 响应操作
*返回值为:0:失败;1:成功;字符串:正在付款[注意:当该订单状态为'正在付款时,请您务必到我方服务器查看最终的结果,谢谢']
*/
function respond()
{
$payment = get_payment($_GET['code']);
////////////////////////////////////////////////////////////////////////////////////////以下是新代码
//判断是第几次请求
if (isset($_POST["ReturnBillNo"]) && !empty($_POST["ReturnBillNo"])) {
//订单号
$returnBillNo = $_POST["ReturnBillNo"];
//币种
$ReturnCurrency = $_POST["ReturnCurrency"];
//金额
$ReturnAmount = $_POST["ReturnAmount"];
//支付状态
$ReturnSucceed = $_POST["ReturnSucceed"];
//返回码: 1 :表示交易成功 ; 0: 表示交易失败
//支付结果文字说明
$ReturnResult = $_POST["ReturnResult"];
// success: 表示成功 ; fail:表示失败
//加密串
$ReturnMD5info = $_POST["ReturnMD5info"];
$MD5key = $payment['MD5key'];
//MD5私钥
$md5src = $returnBillNo . $ReturnCurrency . $ReturnAmount . $ReturnSucceed . $MD5key;
//校验源字符串
$md5sign = strtoupper(md5($md5src));
//MD5检验结果
$zh = get_order_id_by_sn($returnBillNo);
//substr($BillNo, 14);
$zh = intval(trim($zh));
/* 验证 */
if ($ReturnMD5info == $md5sign) {
if (check_money($zh, $ReturnAmount / $payment['Rate'])) {
if ($Succeed == '1') {
/* 改变订单状态 */
order_paid($zh, PS_PAYED);
return '1';
} else {
if ($Succeed == '0') {
return '0';
} else {
return '0';
}
}
} else {
return '0';
}
} else {
return '0';
}
} else {
if (isset($_REQUEST["BillNo"]) && !empty($_REQUEST["BillNo"])) {
$BillNo = $_REQUEST["BillNo"];
//订单号
$Currency = $_REQUEST["Currency"];
//币种
$Amount = $_REQUEST["Amount"];
//金额
$Succeed = $_REQUEST["Succeed"];
//支付状态
$TradeNo = $_REQUEST["TradeNo"];
//支付平台流水号
$Result = $_REQUEST["Result"];
//支付结果
$MD5info = $_REQUEST["MD5info"];
//取得的MD5校验信息
$Remark = $_REQUEST["Remark"];
//备注
$MD5key = $payment['MD5key'];
//MD5私钥
$md5src = $BillNo . $Currency . $Amount . $Succeed . $MD5key;
//校验源字符串
$md5sign = strtoupper(md5($md5src));
//MD5检验结果
$zh = get_order_id_by_sn($BillNo);
//substr($BillNo, 14);
$zh = intval(trim($zh));
/* 验证 */
if ($MD5info == $md5sign) {
if (check_money($zh, $Amount / $payment['Rate'])) {
if ($Succeed == '88') {
/* 改变订单状态 */
order_paid($zh, PS_PAYED);
return '1';
} else {
if ($Succeed == '1' || $Succeed == '9' || $Succeed == '19') {
/* 改变订单状态 */
order_paid($zh, PS_PAYING);
return $Result;
} else {
return '0';
}
}
} else {
return '0';
}
} else {
return '0';
}
}
}
////////////////////////////////////////////////////////////////////////////////////////////////////////以上都是新代码
}
/**
* 响应操作
*/
function respond()
{
/*取返回参数*/
$cmd_no = $_GET['cmdno'];
$pay_result = $_GET['pay_result'];
$pay_info = $_GET['pay_info'];
$bill_date = $_GET['date'];
$bargainor_id = $_GET['bargainor_id'];
$transaction_id = $_GET['transaction_id'];
$sp_billno = $_GET['sp_billno'];
$total_fee = $_GET['total_fee'];
$fee_type = $_GET['fee_type'];
$attach = $_GET['attach'];
$sign = $_GET['sign'];
$payment = get_payment('tenpay');
//$order_sn = $bill_date . str_pad(intval($sp_billno), 5, '0', STR_PAD_LEFT);
//$log_id = preg_replace('/0*([0-9]*)/', '\1', $sp_billno); //取得支付的log_id
if ($attach == 'voucher') {
$log_id = get_order_id_by_sn($sp_billno, "true");
} else {
$log_id = get_order_id_by_sn($sp_billno);
}
/* 如果pay_result大于0则表示支付失败 */
if ($pay_result > 0) {
return false;
}
/* 检查支付的金额是否相符 */
if (!check_money($log_id, $total_fee / 100)) {
return false;
}
/* 检查数字签名是否正确 */
$sign_text = "cmdno=" . $cmd_no . "&pay_result=" . $pay_result . "&date=" . $bill_date . "&transaction_id=" . $transaction_id . "&sp_billno=" . $sp_billno . "&total_fee=" . $total_fee . "&fee_type=" . $fee_type . "&attach=" . $attach . "&key=" . $payment['tenpay_key'];
$sign_md5 = strtoupper(md5($sign_text));
if ($sign_md5 != $sign) {
return false;
} else {
/* 改变订单状态 */
order_paid($log_id);
return true;
}
}
/**
* 响应操作
$_REQUEST["Priv1"] 为 log_id
*/
function respond()
{
$payment = get_payment($_GET['code']);
$merid=$this->config($payment);
$flag = buildKey(PUB_KEY);
//获取交易应答的各项值
$merid = $_REQUEST["merid"];
$orderno = $_REQUEST["orderno"];
$transdate = $_REQUEST["transdate"];
$amount = $_REQUEST["amount"];
$currencycode = $_REQUEST["currencycode"];
$transtype = $_REQUEST["transtype"];
$status = $_REQUEST["status"];
$checkvalue = $_REQUEST["checkvalue"];
$gateId = $_REQUEST["GateId"];
$priv1 = $_REQUEST["Priv1"];
$flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue);
if( flag && $status == '1001')
{
// 检查价格是否一致
if (!check_money($priv1, $amount/100))
{
return false;
}
order_paid($priv1, 2);
return true;
}
else
{
return false;
}
}
/**
* 响应操作
*/
function respond()
{
$payment = get_payment('wxpay');
/*取返回参数*/
$fields = 'bank_billno,bank_type,discount,fee_type,input_charset,notify_id,out_trade_no,partner,product_fee' . ',sign_type,time_end,total_fee,trade_mode,trade_state,transaction_id,transport_fee';
$arr = null;
foreach (explode(',', $fields) as $val) {
if (isset($_REQUEST[$val])) {
$arr[$val] = trim($_REQUEST[$val]);
}
}
$order_sn = $arr['out_trade_no'];
$log_id = get_order_id_by_sn($order_sn);
/* 如果trade_state大于0则表示支付失败 */
if ($arr['trade_state'] > 0) {
return false;
}
/* 检查支付的金额是否相符 */
if (!check_money($log_id, $arr['total_fee'] / 100)) {
return false;
}
$sign = $_REQUEST['sign'];
$sign_md5 = $this->create_sign($arr);
if ($sign_md5 != $sign) {
return false;
} else {
/* 改变订单状态 */
order_paid($log_id);
return true;
}
}
/**
* 响应操作
*/
function respond()
{
include_once "weixin/WxPayPubHelper.php";
// 使用通用通知接口
$notify = new Notify_pub();
// 存储微信的回调
$xml = $GLOBALS['HTTP_RAW_POST_DATA'];
$notify->saveData($xml);
$payment = get_payment('weixin');
define(KEY, $payment['partnerKey']);
// 通加密串
if ($notify->checkSign() == TRUE) {
if ($notify->data["return_code"] == "FAIL") {
$this->addLog($notify, 401);
} elseif ($notify->data["result_code"] == "FAIL") {
$this->addLog($notify, 402);
} else {
$this->addLog($notify, 200);
$order_sn = intval($notify->data['out_trade_no']);
$log_id = $GLOBALS['db']->getOne("SELECT log_id FROM " . $GLOBALS['ecs']->table('pay_log') . "where order_id='{$order_sn}' and is_paid=0 order by log_id desc");
/* 检查支付的金额是否相符 */
if (!check_money($log_id, $notify->data['total_fee'] / 100)) {
$this->addLog($notify, 404);
return true;
}
order_paid($log_id, 2);
echo 'success';
exit;
//新接口无需发货
/**
include_once ("Wechat.php");
$wechat = new Wechat ();
$parameter = array (
'appid' => $payment ['appId'],
'openid' => $notify->data ['openid'],
'transid' => $notify->data ['transaction_id'],
'out_trade_no' => $order_sn,
'deliver_timestamp' => time (),
'deliver_status' => '1',
'deliver_msg' => 'ok'
);
$result = $wechat->delivernotify ( $payment, $parameter );
*/
}
} else {
$this->addLog($notify, 403);
}
return true;
}
/**
* 响应操作.
*/
public function respond()
{
if (!empty($_POST)) {
foreach ($_POST as $key => $data) {
$_GET[$key] = $data;
}
}
$payment = get_mobile_payment('alipay');
//var_dump( $payment);exit;
$alipay_config = array();
$alipay_config['partner'] = $payment['alipay_partner'];
//安全检验码,以数字和字母组成的32位字符
//如果签名方式设置为“MD5”时,请设置该参数
$alipay_config['key'] = $payment['alipay_key'];
//商户的私钥(后缀是.pen)文件相对路径
//如果签名方式设置为“0001”时,请设置该参数
$alipay_config['private_key_path'] = '';
//$alipay_config['private_key_path'] = 'key/rsa_private_key.pem';
//支付宝公钥(后缀是.pen)文件相对路径
//如果签名方式设置为“0001”时,请设置该参数
$alipay_config['ali_public_key_path'] = '';
//$alipay_config['ali_public_key_path']= 'key/alipay_public_key.pem';
//签名方式 不需修改
$alipay_config['sign_type'] = 'MD5';
//字符编码格式 目前支持 gbk 或 utf-8
$alipay_config['input_charset'] = 'utf-8';
//$alipay_config['cacert'] = ROOT_PATH .'mobile/includes/modules/cacert.pem';
$alipay_config['cacert'] = '';
//ca证书路径地址,用于curl中ssl校验
//请保证cacert.pem文件在当前文件夹目录中
//$alipay_config['cacert'] = getcwd().'\\cacert.pem';
//访问模式,根据自己的服务器是否支持ssl访问,若支持请选择https;若不支持请选择http
$alipay_config['transport'] = 'http';
require_once ROOT_PATH . 'mobile/includes/modules/lib/alipay_notify.class.php';
$alipayNotify = new AlipayNotify($alipay_config);
$verify_result = $alipayNotify->verifyReturn();
if ($verify_result) {
$order_sn = trim($_GET['out_trade_no']);
$sql = 'SELECT l.`log_id` FROM ' . $GLOBALS['ecs']->table('order_info') . ' as info LEFT JOIN ' . $GLOBALS['ecs']->table('pay_log') . " as l ON l.order_id=info.order_id WHERE info.order_sn = '{$order_sn}'";
$order_log_id = $GLOBALS['db']->getOne($sql);
order_paid($order_log_id, 2);
return true;
} else {
return false;
}
$seller_email = rawurldecode($payment['alipay_account']);
$order_sn = str_replace($_GET['subject'], '', $_GET['out_trade_no']);
$order_sn = trim($order_sn);
/* 检查数字签名是否正确 */
ksort($_GET);
reset($_GET);
$sign = '';
foreach ($_GET as $key => $val) {
if ($key != 'sign' && $key != 'sign_type' && $key != 'code') {
$sign .= "{$key}={$val}&";
}
}
$sign = substr($sign, 0, -1) . $payment['alipay_key'];
//$sign = substr($sign, 0, -1) . ALIPAY_AUTH;
if (md5($sign) != $_GET['sign']) {
return false;
}
/* 检查支付的金额是否相符 */
if (!check_money($order_sn, $_GET['total_fee'])) {
return false;
}
if ($_GET['trade_status'] == 'WAIT_SELLER_SEND_GOODS') {
/* 改变订单状态 */
order_paid($order_sn, 2);
return true;
} elseif ($_GET['trade_status'] == 'TRADE_FINISHED') {
/* 改变订单状态 */
order_paid($order_sn);
return true;
} elseif ($_GET['trade_status'] == 'TRADE_SUCCESS') {
/* 改变订单状态 */
order_paid($order_sn, 2);
return true;
} else {
return false;
}
}
/**
* 响应操作
*/
function respond()
{
$payment = get_payment($_GET['code']);
$merchant_acctid = $payment['kq_account'];
//人民币账号 不可空
$key = $payment['kq_key'];
$get_merchant_acctid = trim($_REQUEST['merchantAcctId']);
$pay_result = trim($_REQUEST['payResult']);
$version = trim($_REQUEST['version']);
$language = trim($_REQUEST['language']);
$sign_type = trim($_REQUEST['signType']);
$pay_type = trim($_REQUEST['payType']);
$bank_id = trim($_REQUEST['bankId']);
$order_id = trim($_REQUEST['orderId']);
$order_time = trim($_REQUEST['orderTime']);
$order_amount = trim($_REQUEST['orderAmount']);
$deal_id = trim($_REQUEST['dealId']);
$bank_deal_id = trim($_REQUEST['bankDealId']);
$deal_time = trim($_REQUEST['dealTime']);
$pay_amount = trim($_REQUEST['payAmount']);
$fee = trim($_REQUEST['fee']);
$ext1 = trim($_REQUEST['ext1']);
$ext2 = trim($_REQUEST['ext2']);
$err_code = trim($_REQUEST['errCode']);
$sign_msg = trim($_REQUEST['signMsg']);
//生成加密串。必须保持如下顺序。
$merchant_signmsgval = '';
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "merchantAcctId", $merchant_acctid);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "version", $version);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "language", $language);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "signType", $sign_type);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "payType", $pay_type);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "bankId", $bank_id);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "orderId", $order_id);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "orderTime", $order_time);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "orderAmount", $order_amount);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "dealId", $deal_id);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "bankDealId", $bank_deal_id);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "dealTime", $deal_time);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "payAmount", $pay_amount);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "fee", $fee);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "ext1", $ext1);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "ext2", $ext2);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "payResult", $pay_result);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "errCode", $err_code);
$merchant_signmsgval = $this->append_param($merchant_signmsgval, "key", $key);
$merchant_signmsg = md5($merchant_signmsgval);
//首先对获得的商户号进行比对
if ($get_merchant_acctid != $merchant_acctid) {
//商户号错误
return false;
}
/* 检查支付的金额是否相符 */
if (!check_money($order_id, $pay_amount / 100)) {
return false;
}
if (strtoupper($sign_msg) == strtoupper($merchant_signmsg)) {
if ($pay_result == 10 || $pay_result == 00) {
order_paid($order_id);
return true;
} else {
//'支付结果失败';
return false;
}
} else {
//'密钥校对错误';
return false;
}
}
public function verify($notify_data, $sign)
{
//接收日志
$arr = array('txd_data' => '', 'txd_return' => $notify_data . $sign, 'txd_or' => '2', 'order_sn' => '0');
$this->get_token_log($arr, '1');
if (!$notify_data || !$sign) {
return false;
}
//配置
$pay_config = $this->db->getOne("SELECT pay_config FROM " . $this->ecs->table('payment') . " WHERE pay_code = 'TXD'");
$pay_config = unserialize($pay_config);
//验证
$this_sign = "notify_data=" . $notify_data . "||app_key=" . $pay_config['app_key'] . "++mch_key=" . $pay_config['cfg_key'];
$md5_this_sign = md5($this_sign);
//效验日志
$arr['txd_return'] = $this_sign . '-' . $md5_this_sign;
$this->get_token_log($arr, '1');
//判断
if ($sign != $md5_this_sign) {
return false;
}
//处理信息
$notify_data_arr = json_decode($notify_data, true);
//支付状态
if ($notify_data_arr['status'] != 'PAY_SUCCESS') {
return false;
}
//检查金额
$log_id = $this->db->getOne("SELECT p.log_id FROM " . $this->ecs->table('order_info') . " AS o LEFT JOIN " . $this->ecs->table('pay_log') . " AS p on p.order_id = o.order_id WHERE o.order_sn = '{$notify_data_arr['mch_order_no']}'");
//检查金额日志
$arr['txd_return'] = $log_id . '-' . $notify_data_arr['total_fee'];
$this->get_token_log($arr, '1');
if (!check_money($log_id, $notify_data_arr['total_fee'])) {
return false;
}
//日志
$arr = array('txd_data' => '', 'txd_return' => $notify_data . $sign, 'txd_or' => '2', 'order_sn' => $notify_data_arr['mch_order_no']);
$this->get_token_log($arr, '1');
//修改订单状态
$v_oid = get_order_id_by_sn($notify_data_arr['mch_order_no']);
order_paid($v_oid);
echo 'success';
}
/**
* 响应操作
*/
function respond()
{
$payment = get_payment('upop');
//$arr_args = array();
//$arr_reserved = array();
//print ("This is start");
if (is_array($_POST)) {
$arr_args = $_POST;
//$cupReserved = isset($arr_args['cupReserved']) ? $arr_args['cupReserved'] : '';
//parse_str(substr($cupReserved, 1, -1), $arr_reserved); //去掉前后的{}
}
/*
else
{
$cupReserved = '';
$pattern = '/cupReserved=(\{.*?\})/';
if (preg_match($pattern, $_POST, $match)) { //先提取cupReserved
$cupReserved = $match[1];
}
//将cupReserved的value清除(因为含有&, parse_str没法正常处理)
$args_r = preg_replace($pattern, 'cupReserved=', $_POST);
parse_str($args_r, $arr_args);
$arr_args['cupReserved'] = $cupReserved;
parse_str(substr($cupReserved, 1, -1), $arr_reserved); //去掉前后的{}
}
*/
//提取服务器端的签名
if (!isset($arr_args['signature'])) {
return false;
}
//print("signature".$arr_args['signature']."\n");
//验证签名
//$signature=$this->sign($arr_args, $payment['upop_security_key'],'md5');
if (!verify($arr_args)) {
return false;
}
//$arr_ret = array_merge($arr_args, $arr_reserved);
//unset($arr_ret['cupReserved']);
if ($arr_args['respCode'] != '00') {
return false;
}
/*
if(!strpos($arr_ret['orderNumber'], '-'))
{
return false;
}
*/
$order_sn_arr = $arr_args['orderId'];
$order_sn = substr($order_sn_arr, 0, 13);
//print ("order_sn".$order_sn."\n");
$pay_id = intval(substr($order_sn_arr, 14));
//print ("pay_id".$pay_id."\n");
$payment_amount = intval($arr_args['txnAmt']);
//print ("payment_amount".$payment_amount."\n");
// 检查商户账号是否一致。
$merID = array('105290007800029', '105290007800030', '105290007800034', '105290007800035');
if (!in_array($arr_args['merId'], $merID)) {
return false;
}
//检查价格是否一致
if (!check_money($pay_id, $payment_amount / 100)) {
return false;
}
// 如果未支付成功。
if ($arr_args['respCode'] != '00') {
return false;
}
$action_note = $arr_args['respCode'] . ':' . $arr_args['respMsg'] . $GLOBALS['_LANG']['upop_txn_id'] . ':' . $arr_args['queryId'];
// 完成订单。
order_paid($pay_id, PS_PAYED, $action_note);
//告诉用户交易完成
return true;
}
$market_trueprice = trim($_POST['market_trueprice']);
$money = trim($_POST['investnum']);
$payment = trim($_POST['payment']);
$code = trim($_POST['code']);
$log_id = trim($_POST['log_id']);
if (empty($payment) || empty($investnum) || empty($market_trueprice) || empty($log_id) || empty($code)) {
show_message($_LANG['submit_payment_error'], $_LANG['back_up_page'], 'flow.php');
exit;
}
$paystyle = get_payment($code);
//检查支付方式
if (empty($paystyle)) {
show_message($_LANG['submit_payment_style'], $_LANG['back_up_page'], 'flow.php');
exit;
}
$moneystatus = check_money($log_id, $money);
//检查支付的金额是否与订单相符
if (!$moneystatus) {
show_message($_LANG['submit_payment_num'], $_LANG['back_up_page'], 'flow.php');
exit;
}
/*支付方式的选择
if($payment == '0'){
}elseif($payment == '1'){
}*/
//支付成功
if (true) {
order_paid($log_id, $pay_status = PS_PAYED, $note = '');
//修改订单的支付状态
/**
* 响应操作
*/
function respond()
{
/*取返回参数*/
$cmd_no = $_GET['cmdno'];
$retcode = $_GET['retcode'];
$status = $_GET['status'];
$seller = $_GET['seller'];
$total_fee = $_GET['total_fee'];
$trade_price = $_GET['trade_price'];
$transport_fee = $_GET['transport_fee'];
$buyer_id = $_GET['buyer_id'];
$chnid = $_GET['chnid'];
$cft_tid = $_GET['cft_tid'];
$mch_vno = $_GET['mch_vno'];
$attach = !empty($_GET['attach']) ? $_GET['attach'] : '';
$version = $_GET['version'];
$sign = $_GET['sign'];
$payment = get_payment('tenpayc2c');
$log_id = get_order_id_by_sn($mch_vno);
//$log_id = str_replace($attach, '', $mch_vno); //取得支付的log_id
/* 如果$retcode大于0则表示支付失败 */
if ($retcode > 0)
{
//echo '操作失败';
return false;
}
/* 检查支付的金额是否相符 */
if (!check_money($log_id, $total_fee / 100))
{
//echo '金额不相等';
return false;
}
/* 检查数字签名是否正确 */
$sign_text = "buyer_id=" . $buyer_id . "&cft_tid=" . $cft_tid . "&chnid=" . $chnid . "&cmdno=" . $cmd_no . "&mch_vno=" . $mch_vno . "&retcode=" . $retcode . "&seller=" .$seller . "&status=" . $status . "&total_fee=" . $total_fee . "&trade_price=" . $trade_price . "&transport_fee=" . $transport_fee . "&version=" . $version . "&key=" . $payment['tenpay_key'];
$sign_md5 = strtoupper(md5($sign_text));
if ($sign_md5 != $sign)
{
//echo '签名错误';
return false;
}
elseif ($status = 3)
{
/* 改变订单状态为已付款 */
order_paid($log_id, PS_PAYING);
return true;
}
else
{
//为止error
return false;
}
}
/**
* 响应操作
*/
function respond()
{
$payment = get_payment($_GET['code']);
//--获取云网支付网关向商户发送的支付通知信息(以下简称为通知信息)
$c_mid = $_REQUEST['c_mid'];
//商户编号,在申请商户成功后即可获得,可以在申请商户成功的邮件中获取该编号
$c_order = $_REQUEST['c_order'];
//商户提供的订单号
$c_orderamount = $_REQUEST['c_orderamount'];
//商户提供的订单总金额,以元为单位,小数点后保留两位,如:13.05
$c_ymd = $_REQUEST['c_ymd'];
//商户传输过来的订单产生日期,格式为"yyyymmdd",如20050102
$c_transnum = $_REQUEST['c_transnum'];
//云网支付网关提供的该笔订单的交易流水号,供日后查询、核对使用;
$c_succmark = $_REQUEST['c_succmark'];
//交易成功标志,Y-成功 N-失败
$c_moneytype = $_REQUEST['c_moneytype'];
//支付币种,0为人民币
$c_cause = $_REQUEST['c_cause'];
//如果订单支付失败,则该值代表失败原因
$c_memo1 = $_REQUEST['c_memo1'];
//商户提供的需要在支付结果通知中转发的商户参数一
$c_memo2 = $_REQUEST['c_memo2'];
//商户提供的需要在支付结果通知中转发的商户参数二
$c_signstr = $_REQUEST['c_signstr'];
//云网支付网关对已上信息进行MD5加密后的字符串
//--校验信息完整性---
if ($c_mid == "" || $c_order == "" || $c_orderamount == "" || $c_ymd == "" || $c_moneytype == "" || $c_transnum == "" || $c_succmark == "" || $c_signstr == "") {
//echo "支付信息有误!";
return false;
}
//--将获得的通知信息拼成字符串,作为准备进行MD5加密的源串,需要注意的是,在拼串时,先后顺序不能改变
//商户的支付密钥,登录商户管理后台(https://www.cncard.net/admin/),在管理首页可找到该值
$c_pass = trim($payment['c_pass']);
$srcStr = $c_mid . $c_order . $c_orderamount . $c_ymd . $c_transnum . $c_succmark . $c_moneytype . $c_memo1 . $c_memo2 . $c_pass;
//--对支付通知信息进行MD5加密
$r_signstr = md5($srcStr);
//--校验商户网站对通知信息的MD5加密的结果和云网支付网关提供的MD5加密结果是否一致
if ($r_signstr != $c_signstr) {
//echo "签名验证失败";
return false;
}
//验证通过后,将订单sn转换为ID 来操作ec订单表
if ($c_memo2 == 'voucher') {
$c_order = get_order_id_by_sn($c_order, "true");
} else {
$c_order = get_order_id_by_sn($c_order);
}
/* 检查支付的金额是否相符 */
if (!check_money($c_order, $c_orderamount)) {
//echo "订单金额不对";
return false;
}
//--校验商户编号
$MerchantID = trim($payment['c_mid']);
//商户自己的编号
if ($MerchantID != $c_mid) {
//echo "提交的商户编号有误";
return false;
}
if ($c_memo1 != abs(crc32($payment['c_memo1']))) {
//echo "个性签名不一致";
//return false;
}
// $r_orderamount = $row["订单金额"]; //商户从自己订单系统获取该值
// if($r_orderamount!=$c_orderamount){
// echo "支付金额有误";
// exit;
// }
//--校验商户订单系统中记录的订单生成日期和云网支付网关通知信息中的订单生成日期是否一致
// $r_ymd = $row["订单生成日期"]; //商户从自己订单系统获取该值
// if($r_ymd!=$c_ymd){
// echo "订单时间有误";
// exit;
// }
//--校验返回的支付结果的格式是否正确
if ($c_succmark != "Y" && $c_succmark != "N") {
//echo "参数提交有误";
return false;
}
//--根据返回的支付结果,商户进行自己的发货等操作
if ($c_succmark = "Y") {
//根据商户自己商务规则,进行发货等系列操作
/* 改变订单状态 */
order_paid($c_order);
return true;
} else {
//echo $c_cause;
return false;
}
}
/**
* 响应操作
*/
function respond()
{
if (!empty($_POST)) {
foreach ($_POST as $key => $data) {
$_GET[$key] = $data;
}
}
$payment = get_payment($_GET['code']);
$seller_email = rawurldecode($_GET['seller_email']);
$log_id = str_replace($_GET['subject'], '', $_GET['out_trade_no']);
$log_id = trim($log_id);
if (!$log_id) {
$order = order_info(-1, $_GET['subject']);
$sql = "select log_id from " . $GLOBALS['ecs']->table('pay_log') . " where order_id=" . $order['order_id'];
$log_id = $GLOBALS['db']->getOne($sql);
}
/* 检查数字签名是否正确 */
ksort($_GET);
reset($_GET);
$sign = '';
foreach ($_GET as $key => $val) {
if ($key != 'sign' && $key != 'sign_type' && $key != 'code') {
$sign .= "{$key}={$val}&";
}
}
$sign = substr($sign, 0, -1) . $payment['alipay_key'];
//$sign = substr($sign, 0, -1) . ALIPAY_AUTH;
if (md5($sign) != $_GET['sign']) {
return false;
}
/* 检查支付的金额是否相符 */
if (!check_money($log_id, $_GET['total_fee'])) {
return false;
}
if ($_GET['trade_status'] == 'WAIT_SELLER_SEND_GOODS') {
/* 改变订单状态 */
order_paid($log_id, 2);
return true;
} elseif ($_GET['trade_status'] == 'TRADE_FINISHED') {
/* 改变订单状态 */
order_paid($log_id);
return true;
} elseif ($_GET['trade_status'] == 'TRADE_SUCCESS') {
/* 改变订单状态 */
order_paid($log_id, 2);
return true;
} else {
return false;
}
}
/**
* 处理函数
*/
function respond()
{
//exit;
$payment = get_payment('allpay_card24');
$timestamp = time();
$key = trim($payment['allpay_card24_key']);
$iv = trim($payment['allpay_card24_iv']);
$order_id = $_REQUEST['MerchantTradeNo'];
$log_id = $_REQUEST['log_id'];
$mer_id = $_REQUEST['MerchantID'];
$input_array = array("MerchantID" => $mer_id, "MerchantTradeNo" => $order_id, "TimeStamp" => $timestamp);
ksort($input_array);
$checkvalue = "HashKey={$key}&" . urldecode(http_build_query($input_array)) . "&HashIV={$iv}";
$checkvalue = strtolower(urlencode($checkvalue));
$checkvalue = md5($checkvalue);
$input_array["CheckMacValue"] = $checkvalue;
$sned_string = http_build_query($input_array);
$gateway = "https://payment.allpay.com.tw/Cashier/QueryTradeInfo";
//$gateway = "http://payment-stage.allpay.com.tw/Cashier/QueryTradeInfo";
$result = $this->get_result($gateway, $sned_string);
if (check_money($log_id, $_REQUEST['TradeAmt'])) {
$checkAmount = "1";
}
parse_str($result, $res);
//echo $_REQUEST['RtnCode'] . "||" . $checkAmount . "||" . $res["TradeStatus"] . "||" . $res["TradeAmt"] . "||" . $_REQUEST['TradeAmt'] . "||";
if ($_REQUEST['RtnCode'] == '1' && $checkAmount == '1' && $res["TradeStatus"] == "1" && $res["TradeAmt"] == $_REQUEST['TradeAmt']) {
$note = "付款完成" . date("Y-m-d H:i:s");
order_paid($log_id, PS_PAYED, $note);
return true;
} else {
return false;
}
}
/**
* 处理函数
*/
function respond()
{
if ($_REQUEST['succ'] == '1') {
$_REQUEST['c_succmark'] = 'Y';
}
if ($_REQUEST['succ'] == '0') {
$_REQUEST['c_succmark'] = 'N';
}
$payment = get_payment('gw_allpay6');
//print_r($_REQUEST);
$c_mid = $_REQUEST['c_mid'];
$c_order = $_REQUEST['od_sob'];
//訂單編號
$c_orderamount = $_REQUEST['amount'];
//商户提供的订单总金额,
$c_ymd = $_REQUEST['process_date'];
//商户传输过来的订单产生日期,格式为"yyyymmdd",如20050102
$c_transnum = $_REQUEST['gwsr'];
//云网支付网关提供的该笔订单的交易流水号,
$c_succmark = $_REQUEST['c_succmark'];
//交易成功标志,Y-成功 N-失败
$c_moneytype = $_REQUEST['c_moneytype'];
//支付币种,0为人民币
$c_cause = $_REQUEST['response_msg]'];
//如果订单支付失败,则该值代表失败原因
$c_memo1 = $_REQUEST['c_memo1'];
//商户提供的需要在支付结果通知中转发的商户参数一
$c_memo2 = $_REQUEST['c_memo2'];
//商户提供的需要在支付结果通知中转发的商户参数二
$c_signstr = $_REQUEST['inspect'];
//云网支付网关对已上信息进行MD5加密后的字
$c_checkcode = trim($payment['gw_allpay6_checkcode']);
$c_installmente = trim($payment['gw_allpay6_installment']);
function gwSpcheck($s, $U)
{
//算出認證用的字串
$a = substr($U, 0, 1) . substr($U, 2, 1) . substr($U, 4, 1);
//取出檢查碼的跳字組合 1,3,5 字元
$b = substr($U, 1, 1) . substr($U, 3, 1) . substr($U, 5, 1);
//取出檢查碼的跳字組合 2,4,6 字元
$c = $s % $U + $s + $a + $b;
//取餘數 + 檢查碼 + 奇位跳字組合 + 偶位跳字組合
return $c;
}
$TOkSi = $_REQUEST['process_time'] + $_REQUEST['gwsr'] + $_REQUEST['amount'];
$my_spcheck = gwSpcheck($c_checkcode, $TOkSi);
/*if(intval(order_amount($c_order))==intval($c_orderamount)){
$checkAmount="1";
};*/
if (check_money($c_order, $c_orderamount)) {
$checkAmount = "1";
}
/* echo '$c_orderamount='.$c_orderamount.'<br>' ;
echo '$c_order='.$c_order.'<br>';
echo '$my_spcheck='.$my_spcheck.'<br>';
echo '$_REQUEST["spcheck"]='.$_REQUEST['spcheck'].'<br>';
echo '$_REQUEST["succ"]='.$_REQUEST['succ'].'<br>';
echo '$checkAmount='.$checkAmount.'<br>'; */
if ($my_spcheck != $_REQUEST['spcheck'] || $_REQUEST['succ'] != '1' || $checkAmount != "1") {
echo '失敗';
return false;
} else {
$note = '歐付寶交易流水号:' . $c_transnum . ' 總金額:' . $c_orderamount;
if ($_REQUEST['inv_error'] == "0") {
$note .= ',發票開立成功。';
} else {
if ($_REQUEST['inv_error'] == "") {
$note .= ',未開立發票。';
} else {
$note .= ',發票錯誤代碼' . $_REQUEST['inv_error'];
}
}
/* 改变订单状态 */
// PS_PAYING 代表已經付款
// PS_PAYED 代表還沒有付款
//echo $c_order."-".PS_PAYED."-".$c_ymd."<br>";
order_paid($c_order, PS_PAYED, $note);
//exit;
//order_paid($c_memo2, PS_PAYING, $note);
return true;
}
}
/**
* 处理函数
*/
function respond()
{
if ($_REQUEST['succ'] == '1') {
$_REQUEST['c_succmark'] = 'Y';
}
if ($_REQUEST['succ'] == '0') {
$_REQUEST['c_succmark'] = 'N';
}
//echo 'OK';
//exit;
$payment = get_payment('ecbank_webatm');
//驗證碼
$checkcode = trim($payment['ecbank_webatm_checkcode']);
// 組合字串
$serial = trim($_REQUEST['proc_date'] . $_REQUEST['proc_time'] . $_REQUEST['tsr']);
// 回傳的交易驗證壓碼
$tac = trim($_REQUEST['tac']);
$c_order = trim($_REQUEST['od_sob']);
$c_orderamount = $_REQUEST['amt'];
$ecbank_gateway = 'https://ecbank.com.tw/web_service/get_outmac_valid.php';
$post_parm = 'key=' . $checkcode . '&serial=' . $serial . '&tac=' . $tac;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $ecbank_gateway);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_parm);
$strAuth = curl_exec($ch);
if (curl_errno($ch)) {
$strAuth = false;
}
curl_close($ch);
if (check_money($c_order, $c_orderamount)) {
$checkAmount = "1";
}
//print_r($strAuth); echo "<hr>";
//echo "here:".$tac_valid; exit;
if ($strAuth == 'valid=1') {
if ($_REQUEST['succ'] == '1' && $checkAmount == "1") {
//$sql = 'UPDATE ' . $GLOBALS['ecs']->table('pay_log') . " SET is_paid = '0' WHERE log_id = '$c_order'";
//$GLOBALS['db']->query($sql);
if ($_REQUEST['inv_error'] == "0") {
$note .= ',發票開立成功。';
} else {
if ($_REQUEST['inv_error'] == "") {
$note .= ',未開立發票。';
} else {
$note .= ',發票錯誤代碼' . $_REQUEST['inv_error'];
}
}
order_paid($c_order, PS_PAYED, $note);
return true;
}
} else {
//print_r($_REQUEST);
$def_url = '不合法的交易';
return $def_url;
//echo '不合法的交易:'.$strAut;
return false;
exit;
}
}
function respond()
{
$payment = get_payment('express');
$merchant = $payment['ips_account'];
// 商户号
$amount = $_REQUEST['Amount'];
//金额
$billno = $_REQUEST['BillNo'];
//订单号
$success = $_REQUEST['Success'];
//是否成功Y/N
$remark = $_REQUEST['Remark'];
//附加信息
$sign = $_REQUEST['Sign'];
$strcert = $payment['ips_key'];
$signmd5 = md5($merchant . $billno . $amount . $remark . $success . $payment['ips_key']);
if ($sign != $signmd5) {
echo $billno;
return false;
}
if ($success != 'Y') {
return false;
} else {
if (!check_money($billno, $amount)) {
return false;
}
}
$fp = @fopen("http://express.ips.com.cn/merchant/confirm.asp?Merchant=" . $merchant . "&BillNo=" . $billno . "&Amount=" . $amount . "&Success=" . $success . "&Remark=" . $remark . "&sign=" . $sign, 'rb');
if (!empty($fp)) {
fclose($fp);
}
order_paid($bid, PS_PAYED);
return true;
}
function respond()
{
$payment = get_payment($_GET['code']);
$billno = $_GET['billno'];
$amount = $_GET['amount'];
$mydate = $_GET['date'];
$succ = $_GET['succ'];
$msg = $_GET['msg'];
$ipsbillno = $_GET['ipsbillno'];
$retEncodeType = $_GET['retencodetype'];
$currency_type = $_GET['Currency_type'];
$signature = $_GET['signature'];
$order_sn = intval(substr($billno, 0, 10));
if ($succ == 'Y')
{
$content = $billno . $amount . $mydate . $succ . $ipsbillno . $currency_type;
$cert = $payment['ips_key'];
$signature_1ocal = md5($content . $cert);
if ($signature_1ocal == $signature)
{
if (!check_money($order_sn, $amount))
{
return false;
}
order_paid($order_sn);
return true;
}
else
{
return false;
}
}
else
{
return false;
}
}
function POST_pay_verify()
{
if (!isset($_POST) || empty($_POST)) {
return false;
}
$arr = array();
$arr['orderid'] = $_POST['orderid'];
//订单号
$arr['chargemoney'] = $_POST['chargemoney'];
//金额
$arr['systemno'] = $_POST['systemno'];
//新泛联订单号
$arr['channelid'] = $_POST['channelid'];
//支付渠道
$arr['status'] = $_POST['status'];
//支付状态
$arr['ext1'] = $_POST['ext1'];
$arr['ext2'] = $_POST['ext2'];
$arr['validate'] = $_POST['validate'];
//md5 值
$arr['key'] = $this->order_num($arr['orderid']);
$this->untx_pay_log($arr, 2);
$md5_respond = $this->POST_md5_respond($arr);
//dump($md5_respond);
if ($arr['validate'] == $md5_respond) {
if ($arr['status'] == '1') {
if ($arr['ext1'] == 'rechargeable') {
$v_oid = get_order_id_by_sn($arr['orderid'], 'true');
} else {
$v_oid = get_order_id_by_sn($arr['orderid']);
}
//检查金额
if (!check_money($v_oid, $_POST['chargemoney'])) {
return '0';
exit;
}
//返回成功信息
order_paid($v_oid);
return '1';
}
} else {
return '0';
}
}
